SUSE CVE-2024-41054

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix ufshcdclearcmd racing issue When ufshcdclearcmd is racing with the completion ISR, the completed tag of the request's mqhctx pointer will be set to NULL by the ISR. And ufshcdclearcmd's call to...

kernel: dm: call the resume method on internal suspend

A flaw was found in the Linux kernel’s device-mapper dm component. The issue arises during internal suspend operations where the resume method is not correctly called. This issue leads to problems such as list corruption, specifically observed when running the lvm2 test suite. The problem occurs...

kernel: dm: call the resume method on internal suspend

A flaw was found in the Linux kernel’s device-mapper dm component. The issue arises during internal suspend operations where the resume method is not correctly called. This issue leads to problems such as list corruption, specifically observed when running the lvm2 test suite. The problem occurs...

kernel: dm: call the resume method on internal suspend

A flaw was found in the Linux kernel’s device-mapper dm component. The issue arises during internal suspend operations where the resume method is not correctly called. This issue leads to problems such as list corruption, specifically observed when running the lvm2 test suite. The problem occurs...

No title provided

REJECTED CVE In the Linux kernel, the following vulnerability has been resolved: x86/xen: Add some null pointer checking to smp.c The Linux kernel CVE team has assigned CVE-2024-26908 to this issue...

Medium: kernel

Issue Overview: A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcpgetsockopt/tcpsetsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier...

SUSE CVE-2022-48853

In the Linux kernel, the following vulnerability has been resolved: swiotlb: fix info leak with DMAFROMDEVICE The problem I'm addressing was discovered by the LTP test covering cve-2018-1000204. A short description of what happens follows: 1 The test case issues a command code 00 TEST UNIT READY...

SUSE CVE-2022-48862

In the Linux kernel, the following vulnerability has been resolved: vhost: fix hung thread due to erroneous iotlb entries In vhostiotlbaddrangectx, range size can overflow to 0 when start is 0 and last is ULONGMAX. One instance where it can happen is when userspace sends an IOTLB message with...

SUSE CVE-2022-48787

In the Linux kernel, the following vulnerability has been resolved: iwlwifi: fix use-after-free If no firmware was present at all or, presumably, all of the firmware files failed to parse, we end up unbinding by calling devicereleasedriver, which calls remove, which then in iwlwifi calls...

CVE-2023-52886

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix race by not overwriting udev-descriptor in hubportinit Syzbot reported an out-of-bounds read in sysfs.c:readdescriptors: BUG: KASAN: slab-out-of-bounds in readdescriptors+0x263/0x280 drivers/usb/core/sysfs.c:883 Re...

DEBIAN-CVE-2022-48797

In the Linux kernel, the following vulnerability has been resolved: mm: don't try to NUMA-migrate COW pages that have other uses Oded Gabbay reports that enabling NUMA balancing causes corruption with his Gaudi accelerator test load: "All the details are in the bug, but the bottom line is that...

UBUNTU-CVE-2022-48786

In the Linux kernel, the following vulnerability has been resolved: vsock: remove vsock from connected table when connect is interrupted by a signal vsockconnect expects that the socket could already be in the TCPESTABLISHED state when the connecting task wakes up with a signal pending. If this...

UBUNTU-CVE-2022-48797

In the Linux kernel, the following vulnerability has been resolved: mm: don't try to NUMA-migrate COW pages that have other uses Oded Gabbay reports that enabling NUMA balancing causes corruption with his Gaudi accelerator test load: "All the details are in the bug, but the bottom line is that...

AZL-48942 CVE-2024-40977 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery During chip recovery e.g. chip reset, there is a possible situation that kernel worker resetwork is holding the lock and waiting for kernel thread statworker to b...

UBUNTU-CVE-2024-39497

In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Fix BUGON on mmapPROTWRITE, MAPPRIVATE Lack of check for copy-on-write COW mapping in drmgemshmemmmap allows users to call mmap with PROTWRITE and MAPPRIVATE flag causing a kernel panic due to BUGON in...

kernel: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-smbios-wmi: Fix oops on rmmod dellsmbios initdellsmbioswmi only registers the dellsmbioswmidriver on systems where the Dell WMI interface is supported. While exitdellsmbioswmi unregisters it unconditionally, th...

kernel: gro: fix ownership transfer

A flaw was found in the Linux kernel's Generic Receive Offload GRO feature, where packets processed with a fragment list are not properly orphaned due to incorrect handling of socket references. This vulnerability can cause system instability or kernel bugs. The issue has been fixed by making sur...

kernel: wifi: nl80211: reject iftype change with mesh ID change

CVE-2024-27410 is a vulnerability in the Linux kernel’s Wi-Fi subsystem, affecting the nl80211 interface. The issue occurs when a mesh ID is set while simultaneously switching the interface to mesh mode, which can overwrite critical data in the wireless device's configuration. This can lead to...

UBUNTU-CVE-2024-37026

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Only use reserved BCS instances for usm migrate exec queue The GuC context scheduling queue is 2 entires deep, thus it is possible for a migration job to be stuck behind a fault if migration exec queue shares engines with...

DEBIAN-CVE-2024-37356

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix shift-out-of-bounds in dctcpupdatealpha. In dctcpupdatealpha, we use a module parameter dctcpshiftg as follows: alpha -= minnotzeroalpha, alpha dctcpshiftg; ... deliveredce /sys/module/tcpdctcp/parameters/dctcpshiftg cat...